Vulnerabilities > IBM > Business Process Manager Enterprise Service BUS > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-08	CVE-2018-1885	Information Exposure vulnerability in IBM products IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow an unauthenticated attacker to obtain sensitve information using a specially cracted HTTP request. network low complexity ibm CWE-200	5.3
2018-03-30	CVE-2018-1384	Cross-site Scripting vulnerability in IBM products IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2018-03-30	CVE-2017-1765	Information Exposure vulnerability in IBM Business Process Manager IBM Business Process Manager 8.6 could allow an authenticated user with special privileges to reveal sensitive information about the application server. network low complexity ibm CWE-200	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.